91 matches found
Employee Record Management System /admin/allemployees.php File SQL Injection Vulnerability
Employee Record Management System is an employee record management system. Employee Record Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter delid in the file /admin/allemployees.php. An...
CVE-2025-5837
A vulnerability classified as critical has been found in PHPGurukul Employee Record Management System 1.3. Affected is an unknown function of the file /admin/allemployees.php. The manipulation of the argument delid leads to sql injection. It is possible to launch the attack remotely. The exploit...
PHPGurukul Employee Record Management System 注入漏洞
Employee Record Management System is an employee record management system. Employee Record Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter delid in the file /admin/allemployees.php. An...
CVE-2022-28929
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the delid parameter at viewtreatmentrecord.php...
CVE-2023-7051
A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /user/manage-notes.php of the component Notes Handler. The manipulation of the argument delid leads to cross-site request forgery...
CVE-2022-28929
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the delid parameter at viewtreatmentrecord.php...
CVE-2022-28929
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the delid parameter at viewtreatmentrecord.php...
WordPress rk-responsive-contact-form SQL Injection Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers. rk-responsive-contact-form is one of the responsive contact form plugin. A SQL injection vulnerability exists in...
YXcmsApp V1.4.3 SQL Injection Vulnerability in Background Deletion of Guestbooks
Yxcms is an enterprise building system based on PHP and mysql technology. A SQL injection vulnerability exists in YXcmsApp V1.4.3 at the background deletion of guestbooks. The lack of filtering of the 'delid' parameter allows attackers to exploit the vulnerability to obtain sensitive database...
CVE-2016-0769
Multiple SQL injection vulnerabilities in eshop-orders.php in the eShop plugin 6.3.14 for WordPress allow 1 remote administrators to execute arbitrary SQL commands via the delid parameter or remote authenticated users to execute arbitrary SQL commands via the 2 view, 3 mark, or 4 change parameter...
WordPress plugin Duplicator views/actions.php duplicator_delid parameter SQL injection vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL.Duplicator Plugin for WordPress is a plugin for WordPress. Duplicator Plugin for WordPress views/actions.php script handles a...